nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Multiple DNS implementations vulnerable to cache poisoning

From: "Christopher Morrow" <morrowc.lists () gmail com>
Date: Wed, 9 Jul 2008 12:05:38 -0400
On Wed, Jul 9, 2008 at 11:41 AM, Steven M. Bellovin <smb () cs columbia edu> wrote:


The ISC web page on the attack notes "DNSSEC is the only definitive
solution for this issue. Understanding that immediate DNSSEC deployment
is not a realistic expectation..."  I wonder what NANOG folk can do
about the second part of that quote...


get the root zone signed, get com/net/org/ccTLD's signed.. oh wait,
that's not nanog... doh!

Pressure your local ICANN officers?

-Chris
Previous By Date Next
Previous By Thread Next

Current thread: